package com.ilxqx.framework.security.util;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.Assert;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * 框架安全工具类
 * @author venus
 */
@Slf4j
public final class SecurityUtils {

    /**
     * 手动登出处理
     * @param request 请求对象
     */
    public static void logout(HttpServletRequest request) {
        Assert.notNull(request, "请求对象不能为空");
        // 清除session
        HttpSession session = request.getSession(false);
        if (session != null) {
            log.info("清除SESSION信息，ID[{}]" + session.getId());
            session.invalidate();
        }

        // 清除securityContext
        SecurityContext context = SecurityContextHolder.getContext();
        context.setAuthentication(null);
        SecurityContextHolder.clearContext();
    }

}
